Fábio Freitas
Fábio Freitas

MSc Information Security @ DCC - FCUP

Senior Vulnerability Researcher @ BitSight

Contact me

2023 © Fábio Freitas

Destroying Armies and Villages through Cross-Site Scripting - Bug Bounty Write-up

Write-up This is a story on how we exploited a Stored XSS vulnerability on the...

2021, Jan 29   —  5 minute read

CVE-2020-8817 - Mass Assignment in "Created by" attributes of Dataiku DSS Project Wiki Articles

CVE Id: CVE-2020-8817 CVSS Base Score: 4.3 Severity: Medium CWE classification: CWE-284 Dataiku DSS -...

2020, Mar 10   —  2 minute read

CTF Writeup - Execute No Evil - X-mas CTF 2019

An SQL Injection web-challenge in X-mas CTF 2019 solved with the xSTF CTF Team. From...

2019, Dec 18   —  3 minute read

HackerOne Vulnerability Report - Reflected XSS in pubg.com

HackerOne Report Link Affected asset(s) https://www.pubg.com/ Description PUBG’s main website https://www.pubg.com has an endpoint that...

2019, Dec 12   —  2 minute read

CTF Writeup - Flags - 35C3 Junior CTF

A write-up for one of the first web challenges in the 35C3 Junior CTF. This...

2018, Dec 09   —  2 minute read